<?php
namespace app\api\service\v1;
use OSS\OssClient;
use OSS\Core\OssException;
use AlibabaCloud\SDK\Sts\V20150401\Sts;
use AlibabaCloud\Tea\Exception\TeaError;
use AlibabaCloud\Tea\Utils\Utils;
use AlibabaCloud\SDK\Sts\V20150401\Models\AssumeRoleRequest;
use AlibabaCloud\Tea\Utils\Utils\RuntimeOptions;
use Darabonba\OpenApi\Models\Config;
use think\Exception;
use think\facade\Env;
//require_once Env::get("app_path"). '../vendor/aliyuncs/oss-sdk-php/autoload.php';
class UploadService
{
    private static $instance;
    # 阿里云OSS
    private static $AccessKeyID = "LTAI5tKdyPqZZWG8sxXVQdb9";
    private static $AccessKeySecret = "QoziyVvyCvUqGIymlzbHLpV2vhjIwb";
    private static $ARN = "acs:ram::1908612129283614:role/ramoss";
    private static $endpoint = "https://cms-tp5-hyh.oss-cn-fuzhou.aliyuncs.com";
    private static $bucket = "cms-tp5-hyh";

    public static function getInstance(): UploadService
    {
        if (!self::$instance instanceof self) {
            self::$instance = new self();
        }
        return self::$instance;
    }

    public static function createClient($accessKeyId, $accessKeySecret){
        $config = new Config([
            // 必填，您的 AccessKey ID
            "accessKeyId" => $accessKeyId,
            // 必填，您的 AccessKey Secret
            "accessKeySecret" => $accessKeySecret
        ]);
        // 访问的域名
        $config->endpoint = "sts.cn-fuzhou.aliyuncs.com";

        return new Sts($config);
    }

    public function ossToken(){
        $data = [];
        try {
//            $client = new OssClient(self::$AccessKeyID,self::$AccessKeySecret, "sts.cn-fuzhou.aliyuncs.com");
            $client = self::createClient(self::$AccessKeyID,self::$AccessKeySecret);
            $assumeRoleRequest = new AssumeRoleRequest([
                // roleArn填写步骤2获取的角色ARN，例如acs:ram::175708322470****:role/ramtest。
                "roleArn" => self::$ARN,
                // roleSessionName用于自定义角色会话名称，用来区分不同的令牌，例如填写为sessiontest。
                "roleSessionName" => "sessiontest",
                // durationSeconds用于设置临时访问凭证有效时间单位为秒，最小值为900，最大值以当前角色设定的最大会话时间为准。本示例指定有效时间为3000秒。
                "durationSeconds" => 3000,
                // policy填写自定义权限策略，用于进一步限制STS临时访问凭证的权限。如果不指定Policy，则返回的STS临时访问凭证默认拥有指定角色的所有权限。
                // 临时访问凭证最后获得的权限是步骤4设置的角色权限和该Policy设置权限的交集。
    //      "policy" => ""
            ]);
            $runtime = new RuntimeOptions(["ignoreSSL"=>"ignoreSSL"]);
//            // 复制代码运行请自行打印 API 的返回值
            $result = $client->assumeRoleWithOptions($assumeRoleRequest, $runtime);
            printf("Expiration:".$result->body->credentials->expiration.PHP_EOL);
            $data = [
                "AccessKeyId" => $result->body->credentials->accessKeyId. PHP_EOL,
                "AccessKeySecret"=> $result->body->credentials->accessKeySecret.PHP_EOL,
                "SecurityToken"=>$result->body->credentials->securityToken.PHP_EOL
            ];
        }catch (Exception $error){
            if (!($error instanceof TeaError)) {
                $error = new TeaError([], $error->getMessage(), $error->getCode(), $error);
            }
            // 如有需要，请打印 error
            Utils::assertAsString($error->message);
        }

        return $data;
    }
}
